Preface to the Fourth Edition

Public interest in the field of risk analysis has expanded in leaps and bounds during the recent three decades. Furthermore, risk analysis has emerged as an effective and comprehensive procedure that supplements and complements the overall management of almost all aspects of our lives. Managers of health care, the environment, and physical infrastructure systems of systems (e.g., water resources, transportation, infrastructure interdependencies, homeland and cyber security, and electric power, to cite a few) all incorporate risk analysis in their decisionmaking processes. The omnipresent adaptations of risk analysis by many disciplines, along with its deployment by industry and government agencies in decisionmaking, have led to an unprecedented development of theory, methodology, and practical tools. As a fellow of seven diverse professional societies, I find technical articles on risk analysis published in all of their journals. These articles address concepts, tools, technologies, and methodologies that have been developed and practiced in such areas as planning, design, development, system integration, prototyping, and construction of physical infrastructure; in reliability, quality control, and maintenance; and in the estimation of costs and schedules and in project management.

The challenge that faces society today is that all of this knowledge has not been fully duplicated, shared, and transferred from one field of endeavor to another. This calls for a concerted effort to improve our understanding of the commonalities and differences among diverse fields for the mutual benefit of society as a whole. Such a transfer of knowledge has always been the key to advancing the natural, social, and behavioral sciences, as well as engineering. I believe that we can start meeting this challenge through our college and university classrooms and through continuing education programs in industry and government. It is essential to build bridges among the disciplines and to facilitate the process of learning from each other.

Risk, a measure of the probability and severity of adverse effects, is a concept that many find difficult to comprehend, and its quantification has challenged and confused laypersons and professionals alike. There are myriad fundamental reasons for this state of affairs. One is that risk is a complex composition and amalgamation of two components-one real (the potential damage, or unfavorable adverse effects and consequences), the other (the likelihood of projected adverse consequences), measured or estimated through an imagined mathematical human construct termed probability. Probability per se is intangible, yet its omnipresence in risk-based decisionmaking is indisputable. Furthermore, the measure of the probability that dominates the measure of risk is itself uncertain, especially for rare and extreme events-for example, when there exists an element of surprise.

This book seeks to balance the quantitative and empirical dimensions of risk assessment and management with the more qualitative and normative aspects of decisionmaking under risk and uncertainty. In particular, select analytical methods and tools are presented without advanced mathematics or with no mathematics at all, to enable the less math-oriented reader to benefit from them. For example, hierarchical holographic modeling (HHM) is introduced and discussed in Chapter 3 for its value as a comprehensive and systemic tool for risk identification. While all mathematical details for hierarchical coordination (within the HHM philosophy) are mostly left out of the text, they are included in my earlier book, cited in Chapter 1, Hierarchical Multiobjective Analysis of Large-Scale Systems [Haimes et al., 1990]. Myriad case study applications of the HHM approach for risk identification are presented here, including studies conducted for the Presidential Commission for Critical Infrastructure Protection, the US Army, General Motors, the Federal Bureau of Investigation, Virginia Department of Transportation, VA Governor's Office, Institute for Information Infrastructure Protection (I3P), US Department of Homeland Security, and the US Department of Defense, among others. The HHM philosophy is grounded on the premise that complex systems, such as air traffic control systems, should be studied and modeled in more than one way. Because such complexities cannot be adequately modeled or represented through a planar or single model or vision, overlapping of these visions is unavoidable. This can actually be helpful in providing a holistic appreciation of the interconnectedness among the various components, aspects, objectives, and decisionmakers associated with a system.

Furthermore, this holistic approach stems from the realization that the process of risk assessment and management is a blend of art and science; and although mathematical formulation and modeling of a problem are important for sound decisionmaking, they are not by themselves sufficient for that purpose. Clearly, institutional, organizational, managerial, political, and cultural considerations, among others, can be as dominant as scientific, technological, economic, or financial aspects, and must be accounted for in the decisionmaking process.

Consider, for example, the protection and management of a major water supply system. Deploying the HHM approach discussed in Chapter 3, it is possible to address the holistic nature of the system in terms of its hierarchical decisionmaking structure, which includes various time horizons, multiple decisionmakers, stakeholders, and users of the water supply system, and a host of hydrological, technological, legal, and other socioeconomic conditions and factors that require consideration. The effective identification of the myriad sources of risk to which natural, cyber, or physical system are exposed is markedly improved by considering all real, perceived, or imaginary risks from their multiple decompositions, visions, and perspectives.

The adaptive multiplayer HHM (AMP-HHM) game, introduced in Chapter 3, is an important concept with the potential to serve as a repeatable, adaptive, and systemic process that can contribute to tracking terrorism scenarios [Haimes and Horowitz, 2004]. It builds on fundamental principles of systems engineering, systems modeling, and risk analysis. The AMP-HHM game captures multiple perspectives of a system through computer-based interactions. For example, a two-player game creates two opposing views of the opportunities for carrying out acts of terrorism: one developed by a Blue team defending against terrorism, and the other by a Red team planning to carry out a terrorist act.

This book draws on my experience in the practice of risk-based decisionmaking in government and industry, and it builds on results from numerous management-based projects. It is also based on homework and exams compiled during over 40 years of teaching graduate courses in risk analysis at Case Western Reserve University and at the University of Virginia. In addition, the text incorporates the results of close to four decades of research and consulting work with industry and government that has resulted in over 80 masters and 50 doctoral theses and numerous technical papers on risk analysis.

I have also gained experience and knowledge from organizing and chairing 12 Engineering Foundation conferences on risk-based decisionmaking since 1980. The interaction with the participants in these intensely focused meetings has markedly influenced the structure of this book. I have benefited as well from the foresight and practical orientation of hundreds of participants in numerous short courses that I taught along with colleagues from 1968 to the present. For example, for 29 consecutive years, I offered a 1-week short course titled Hierarchical-Multiobjective Approach in Water Resources Planning and Management. I have been offering a graduate course on risk analysis at the University of Virginia since 1987.

In preparing the first (1998), second (2004), third (2009), and fourth (2016) editions of this book, I have been guided by the following premises and needs:

1. Increasingly, international as well as US federal and state legislators and regulatory agencies have been addressing the assessment and management of risk more explicitly, whether in environmental and health protection, human safety, manufacturing, or security.
2. There is a need for a text that presents both basic and advanced methodologies in risk analysis at a sufficiently detailed level so that the reader can confidently apply specific methods to appropriate problems. To achieve this fundamental goal, risk methodologies presented in this book are supplemented with example problems and, when possible, with case study applications.
3. The modeling and assessment of risk necessarily lead to noncommensurate and conflicting objectives. Invariably, the reduction or the management of risk requires the expenditure of funds and other resources. Thus, at its simplest modeling level, at least two objectives must be considered: (i) minimizing and managing risk (e.g., environmental risk, health risk, and risk of terrorism) and (ii) minimizing the cost associated with achieving these goals. Although the concept of a multiattribute utility may be grounded on a brilliant theory, it might not be practical when applied to real-world problems and human decisionmakers. Therefore, this book emphasizes multiobjective trade-off analysis, which avoids the pre-commensuration of risks, costs, and benefits through a single utopian...